Abstract

advertisement
Secure Content Distribution using Network Coding
Algorithm
ABSTRACT:
Content distribution via network coding has received a lot of attention lately.
However, direct application of network coding may be insecure. In particular,
attackers can inject “bogus” data to corrupt the content distribution process so as to
hinder the information dispersal or even deplete the network resource. Therefore,
content verification is an important and practical issue when network coding is
employed. When random linear network coding is used, it is infeasible for the source
of the content to sign all the data, and hence, the traditional “hash-and-sign”
methods are no longer applicable. Recently, a new on-the-fly verification technique
has been proposed by Krohn et al. (IEEE S&P ’04), which employs a classical
homomorphic hash function. However, this technique is difficult to be applied to
network coding because of high computational and communication overhead. We
explore this issue further by carefully analyzing different types of overhead, and
propose methods to help reducing both the computational and communication cost,
and provides provable security at the same time.
EXISTING SYSTEM:
 The
existing
system
uses
cryptographic
hash
function
which
is
computationally very expensive, even in their probabilistic batch verification
variant. This is made worse when the KFM (homomorphic cryptographic hash
functions) scheme is adopted for random linear network coding, since the
random combination coefficients have to be much larger.
 Other major problem in the existing system is the communication overhead in
network coding context can be much more significant and cannot be ignored
due to the large sizes of the parameters, hash values, and coefficient vectors.
PROPOSED SYSTEM:
 The proposed system investigates the security and efficiency issues in large
content distribution based on network coding.
 Our proposed scheme consists of two algorithms, namely, the encoding
algorithm where the original data are prepared for distribution and the
verification algorithm, which is used by individual nodes to verify the
integrity of the received data.
FEATURES:
 On-the-fly verification of the integrity of the data in transit.
 Low cost for the computation and communication cost incurred during the
content distribution process.
 Able to achieve reasonable speed and the sparse variant performs just as well
as the random network coding using typical parameters.
ADVANTAGES:
 Completely Secured against traffic analysis in networks.
 In addition, flow tracing or any other such kind of threats cannot be launched
networks.
 With homomorphic encryption, the proposed scheme offers two significant
privacy-preserving features, packet flow untraceability and message content
confidentiality, for efficiently thwarting the traffic analysis attacks.
ARCHITECTURE DESIGN:
MODULES:
 On-the-fly Byzantine fault detection network creation module
 Enhanced Encoding Security Scheme Module
 Sparse Random Linear Network Coding Module
 Verification Algorithm Module
 Attackers Module
MODULE DESCRIPTION:
On-the-fly Byzantine fault detection network creation module
In this module first we create the environment of on-the fly Byzantine fault detection
network, to propose our technique of An Efficient Content Distribution system via
Network Coding using A Faster Homomorphic Hash Function technique. The
network creation module will be as follows:
SOURCE NODE
INTERMEDIATE NODES
SINK NODE
So, first we create network module with Source node, intermediate nodes and sink
node. In this network environment we are going to perform our technique of An
Efficient Content Distribution system via Network Coding using A Faster
Homomorphic Hash Function.
Enhanced Encoding Security Scheme Module
Homomorphic Encryption Functions (HEFs) have the property of homomorphism,
which means operations on plaintext can be performed by operating on
corresponding ciphertext. If (⋅ ) is a HEF, (𝑥 + 𝑦) can be computed from (𝑥) and (𝑦)
without knowing the corresponding plaintext x and y.
The main objective of this module is to protect the message content of outgoing
packets from the sender side. The attackers may perform more advanced traffic
analysis/flow tracing techniques, including size correlation, time correlation, and
message content correlation. Adversaries can further explore these techniques to
deduce the forwarding paths and thus to compromise user privacy.
Sparse Random Linear Network Coding Module:
The computation overhead involved in the content distribution consists of two parts.
The first part is the cost due to the verification of the packets, and the second part is
the cost due to the need to compute random combinations of the data blocks. The
preceding sections of this paper focus on the first part of the cost, which can be
reduced through the use of more efficient hash functions and batch verification
techniques as we have discussed. Nevertheless, the second part of the cost also plays
a very important role in practice, especially when the content is large (e.g., in the
order of gigabytes), and it has a significant impact on the choice of parameters.
Here, we propose a simple yet powerful alternative to avoid high computation cost
when computing the random combinations. We will refer to this method as Sparse
Random Linear Network Coding. The idea is that, instead of computing a random
combination of all the n data blocks, we can instead randomly select only _ of them
and compute a random combination of only those _ blocks. More precisely, when a
node A needs to send a packet ðx; cÞ to its downstream node
Packet 0
Packet n
Packet 1
Packet 2
Sparse Random Linear
Network Coding
Packet m
Packet 3
Packet o
Packet n
Verification Algorithm Module
In this module, we perform batch verification algorithm , where the objective is to
verify that the data received at destination is same as that of data sent from source.
When the data packets are generated, a coefficient is created. The coefficient value
will be checked at the destination. In case, if there are any packet corrupted then the
coefficient value is not generated so the verification fails. In case, if there are no
packet corrupted then the verification passes.
PACKET 1
PACKET 2
C
PACKET 3
PACKET N
Attackers Module
The generation number of a packet can be hidden in the secure routing scheme
through link-to-link encryption. In this way, attackers cannot find the generation
number of a packet for their further analysis. Notice that secure routing paths are
only required to be established at the beginning of each session; during the packet
transmission, secure routing paths are not required to change or re-established for
each new generation. In this module, we show the evaluation of our system by using
two scenarios: Normal and attacker. In case, if the scenario is normal then the data
content is revealed to the user, in case if the scenarios is attacker then the data
contents are blocked.
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
• System
: Pentium IV 2.4 GHz.
• Hard Disk
: 40 GB.
• Floppy Drive
: 1.44 Mb.
• Monitor
: 15 VGA Colour.
• Mouse
: Logitech.
• Ram
: 512 Mb.
SOFTWARE REQUIREMENTS:
• Operating system : Windows XP.
• Coding Language : JAVA
• TOOL
: NETBEANS IDE
Download